daggi911 Skrevet 21. august 2008 Del Skrevet 21. august 2008 Combofix log: ComboFix 08-08-19.06 - Dag Eivind 2008-08-21 20:16:52.1 - NTFSx86Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.2411 [GMT 2:00] Running from: C:\Documents and Settings\Dag Eivind\Skrivebord\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-07-21 to 2008-08-21 ))))))))))))))))))))))))))))))) . 2008-08-21 20:05 . 2008-08-21 20:05 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware 2008-08-21 20:05 . 2008-08-21 20:05 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard 2008-08-21 20:05 . 2008-08-21 20:05 <DIR> d-------- C:\Documents and Settings\Dag Eivind\Programdata\SUPERAntiSpyware.com 2008-08-21 20:05 . 2008-08-21 20:05 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com 2008-08-21 20:03 . 2008-08-21 20:03 <DIR> dr-h----- C:\Documents and Settings\Dag Eivind\Siste 2008-08-21 19:57 . 2008-08-21 19:57 <DIR> d-------- C:\Programfiler\CCleaner 2008-08-20 17:56 . 2008-08-20 17:56 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys 2008-08-20 17:55 . 2008-08-20 18:44 <DIR> d-------- C:\Documents and Settings\Dag Eivind\.housecall6.6 2008-08-20 16:41 . 2008-08-20 16:41 <DIR> d--hs---- C:\found.000 2008-08-19 21:15 . 2008-08-19 21:15 <DIR> d-------- C:\Programfiler\FlashFXP 2008-08-19 21:15 . 2008-08-19 21:15 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\FlashFXP 2008-08-09 16:50 . 2008-08-09 16:50 <DIR> d-------- C:\Programfiler\Audible 2008-08-09 16:50 . 2008-08-09 16:50 417,792 --a------ C:\WINDOWS\system32\awrdscdc.ax 2008-08-09 16:50 . 2001-08-17 22:43 24,576 --------- C:\WINDOWS\system32\msxml3a.dll 2008-08-09 16:46 . 1999-12-12 19:01 44,032 --------- C:\WINDOWS\system32\CTSVCCDA.EXE 2008-08-09 16:46 . 1999-11-17 19:00 25,088 --------- C:\WINDOWS\system32\CTSVCCTL.EXE 2008-08-09 16:45 . 2008-08-09 16:45 <DIR> d-------- C:\Programfiler\Fellesfiler\Creative 2008-08-09 16:45 . 2008-08-09 16:46 <DIR> d--h----- C:\Programfiler\Creative Installation Information 2008-08-09 16:44 . 2008-08-09 16:44 <DIR> d-------- C:\WINDOWS\system32\LogFiles 2008-08-09 16:44 . 2008-08-09 16:54 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF 2008-08-09 12:57 . 2008-08-09 12:57 <DIR> d-------- C:\Programfiler\DVD Shrink 2008-08-09 12:57 . 2008-08-09 13:19 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\DVD Shrink 2008-07-22 18:30 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll 2008-07-22 18:29 . 2008-07-22 18:29 <DIR> d-------- C:\Programfiler\MSBuild 2008-07-22 18:29 . 2008-07-22 18:29 <DIR> d-------- C:\Programfiler\Microsoft Works 2008-07-22 18:26 . 2008-07-22 18:27 <DIR> d-------- C:\WINDOWS\SHELLNEW 2008-07-22 18:26 . 2008-08-15 03:05 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Microsoft Help 2008-07-22 18:25 . 2008-07-22 18:25 <DIR> dr-h----- C:\MSOCache . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-21 17:21 --------- d-----w C:\Documents and Settings\Dag Eivind\Programdata\uTorrent 2008-08-20 02:04 --------- d-----w C:\Documents and Settings\All Users\Programdata\avg8 2008-08-10 01:07 --------- d--h--w C:\Programfiler\InstallShield Installation Information 2008-08-09 14:54 --------- d-----w C:\Documents and Settings\All Users\Programdata\Creative 2008-08-09 14:53 --------- d-----w C:\Programfiler\Google 2008-08-09 14:50 --------- d-----w C:\Programfiler\Creative 2008-08-07 19:59 --------- d-----w C:\Programfiler\Java 2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll 2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe 2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll 2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll 2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll 2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll 2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll 2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll 2008-07-07 20:33 253,952 ----a-w C:\WINDOWS\system32\es.dll 2008-07-05 07:47 96,520 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys 2008-07-05 07:47 76,040 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys 2008-07-05 07:47 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll 2008-06-26 09:01 --------- d-----w C:\Programfiler\MSXML 4.0 2008-06-25 20:40 --------- d-----w C:\Programfiler\Fellesfiler\Nero 2008-06-25 20:40 --------- d-----w C:\Documents and Settings\Dag Eivind\Programdata\Nero 2008-06-25 20:38 --------- d-----w C:\Programfiler\Nero 2008-06-25 20:38 --------- d-----w C:\Documents and Settings\All Users\Programdata\Nero 2008-06-24 16:24 74,240 ----a-w C:\WINDOWS\system32\mscms.dll 2008-06-23 16:57 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-06-20 17:43 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-06-15 18:21 81,920 ----a-w C:\WINDOWS\system32\OpenAL32.dll 2008-06-15 18:21 233,472 ----a-w C:\WINDOWS\system32\wrap_oal.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2007-10-29 14:00 15360] "uTorrent"="C:\Programfiler\uTorrent\uTorrent.exe" [2008-08-19 16:51 267056] "MsnMsgr"="C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184] "NVIDIA nTune"="C:\Programfiler\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 19:25 81920] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programfiler\Fellesfiler\Nero\Lib\NMBgMonitor.exe" [2007-08-21 14:52 202024] "CTSyncU.exe"="C:\Programfiler\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 11:03 868352] "SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-06-29 04:07 352256] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-02-28 07:34 13516800] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-02-28 07:34 86016] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-05 09:47 1232152] "CTDVDDET"="C:\Programfiler\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 01:00 45056] "RCSystem"="C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 18:25 49152] "AudioDrvEmulator"="C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 18:25 49152] "VolPanel"="C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-07-11 11:34 122880] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112] "SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "NeroFilterCheck"="C:\Programfiler\Fellesfiler\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "NBKeyScan"="C:\Programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-10 11:40 1828136] "GrooveMonitor"="C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648] "MP10_EnsureFileVer"="C:\WINDOWS\inf\unregmp2.exe" [2007-10-29 14:00 204800] "CTCheck"="C:\Programfiler\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 11:08 397312] "RTHDCPL"="RTHDCPL.EXE" [2006-04-17 09:34 16143872 C:\WINDOWS\RTHDCPL.exe] "nwiz"="nwiz.exe" [2008-02-28 07:34 1626112 C:\WINDOWS\system32\nwiz.exe] "CTHelper"="CTHELPER.EXE" [2005-08-08 00:10 16384 C:\WINDOWS\CTHELPER.EXE] "CTxfiHlp"="CTXFIHLP.EXE" [2005-08-08 00:10 18944 C:\WINDOWS\system32\CTXFIHLP.EXE] "PtiuPbmd"="ulutil2.dll" [2003-11-05 18:06 110592 C:\WINDOWS\system32\ulutil2.dll] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2007-10-29 14:00 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2007-04-19 13:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.YV12"= yv12vfw.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programfiler\\AVG\\AVG8\\avgupd.exe"= "C:\\Programfiler\\AVG\\AVG8\\avgemc.exe"= "C:\\Programfiler\\uTorrent\\uTorrent.exe"= "C:\\Programfiler\\Messenger\\msmsgs.exe"= "C:\\Programfiler\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Programfiler\\Microsoft Office\\Office12\\GROOVE.EXE"= "C:\\Programfiler\\Microsoft Office\\Office12\\ONENOTE.EXE"= "C:\\Programfiler\\FlashFXP\\FlashFXP.exe"= "C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"= R0 dontgo;Promise Removable Disk Control Driver;C:\WINDOWS\system32\DRIVERS\DontGo.sys [2004-06-29 14:25] R0 ulsata2;ulsata2;C:\WINDOWS\system32\DRIVERS\ulsata2.sys [2004-12-13 11:28] R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-07-05 09:47] R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-07-05 09:47] R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-07-05 09:47] R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-07-05 09:47] R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2005-08-07 23:54] R3 OMNUSB;Omnikey AG CardMan 2020 USB-smartkortleser;C:\WINDOWS\system32\DRIVERS\sccmusbm.sys [2001-08-17 23:51] S3 Asushwio;Asushwio;C:\WINDOWS\system32\drivers\Asushwio.sys [2004-04-27 17:26] S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187.sys [] S3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [] *Newly Created Service* - CATCHME *Newly Created Service* - PROCEXP90 *Newly Created Service* - SASDIFSV *Newly Created Service* - SASENUM *Newly Created Service* - SASKUTIL . . ------- Supplementary Scan ------- . R0 -: HKCU-Main,Start Page = hxxp://www.startsiden.no/ O8 -: E&ksporter til Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O17 -: HKLM\CCS\Interface\{F8AC2614-4E2B-4671-85CF-1D7DED0F44EC}: NameServer = 10.0.0.138 . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-21 20:17:46 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-08-21 20:18:11 ComboFix-quarantined-files.txt 2008-08-21 18:18:09 Pre-Run: 135,067,934,720 byte ledig Post-Run: 135,066,615,808 byte ledig 164 --- E O F --- 2008-08-15 01:05:40 Hijack this log: Logfile of Trend Micro HijackThis v2.0.2Scan saved at 20:27:18, on 21.08.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe C:\Programfiler\Fellesfiler\Nero\Lib\NMBgMonitor.exe C:\Programfiler\Creative\Sync Manager Unicode\CTSyncU.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Programfiler\Nero\Nero8\Nero BackItUp\NBService.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Programfiler\Creative\ShareDLL\CADI\NotiMan.exe C:\Programfiler\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexingService.exe C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Programfiler\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\explorer.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programfiler\AVG\AVG8\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programfiler\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programfiler\FlashFXP\IEFlash.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [CTDVDDET] "C:\Programfiler\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [RCSystem] "C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Programfiler\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [VolPanel] "C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ulutil2.dll,SetWriteBack O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions O4 - HKLM\..\Run: [CTCheck] C:\Programfiler\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uTorrent] "C:\Programfiler\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Programfiler\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Programfiler\Creative\Sync Manager Unicode\CTSyncU.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{F8AC2614-4E2B-4671-85CF-1D7DED0F44EC}: NameServer = 10.0.0.138 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programfiler\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programfiler\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programfiler\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexingService.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Programfiler\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 8356 bytes sas log: SUPERAntiSpyware Scan Loghttp://www.superantispyware.com Generated 08/21/2008 at 08:12 PM Application Version : 4.15.1000 Core Rules Database Version : 3542 Trace Rules Database Version: 1531 Scan type : Quick Scan Total Scan Time : 00:05:02 Memory items scanned : 498 Memory threats detected : 0 Registry items scanned : 382 Registry threats detected : 0 File items scanned : 5677 File threats detected : 0 Lenke til kommentar
r2d290 Skrevet 21. august 2008 Del Skrevet 21. august 2008 Jeg ser ikke noe galt i loggen. Merker du noen problemer med maskinen, eller er det bare en rutinesjekk? Lenke til kommentar
daggi911 Skrevet 21. august 2008 Forfatter Del Skrevet 21. august 2008 Jeg ser ikke noe galt i loggen. Merker du noen problemer med maskinen, eller er det bare en rutinesjekk? Takk for at du tok deg tid og se på loggene mine.. Jeg har hatt problemer med at maskinen skrur seg av og starter på nytt ofte, og i dag "mistet" jeg den ene harddisken, på maskinbehandling så står det at harddisken mangler.. har sjekket tilkoplinger til disken, alt er som det skal.. er det noe mer jeg kan gjøre for og sjekke om virus eller eventuelle feil? Lenke til kommentar
r2d290 Skrevet 21. august 2008 Del Skrevet 21. august 2008 Beste måten å sjekke om det er virus, er den måten du har gjort (legge ut loggene du har lagt ut). Det skal sies at jeg så veldig raskt over loggene, men ville vite hva som var problemet... Du får vente litt, så er det sikkert noen andre som kan hjelpe deg videre med feilsøkingen Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå